#==============================================================#
# Default HBA
#==============================================================#
# local dbsu quick access
local  pgbouncer postgres                                       peer

# local all password access (for biz user test)
local   all     all                                             md5
host    all     all                         127.0.0.1/32        md5

# monitor user intranet access to pgbouncer stats
host   pgbouncer    {{ pg_monitor_username }}   10.0.0.0/8      md5
host   all          {{ pg_monitor_username }}   0.0.0.0/0       reject

# admin user have intranet access to pgbouncer admin
host   pgbouncer    {{ pg_admin_username }}     10.0.0.0/8      md5
host   all          {{ pg_admin_username }}     0.0.0.0/0       reject

#==============================================================#
# Common HBA
#==============================================================#
{% for hba in pgbouncer_hba_rules %}
{% if hba.role == 'common' %}
#  {% if 'title' in hba %}{{ hba.title }}{% endif %}

{% for rule in hba.rules %}
{{ rule }}
{% endfor %}

{% endif %}
{% endfor %}


#==============================================================#
# {{ pg_role }} HBA
#==============================================================#
{% for hba in pgbouncer_hba_rules %}
{% if hba.role == pg_role %}
#  {% if 'title' in hba %}{{ hba.title }}{% endif %}

{% for rule in hba.rules %}
{{ rule }}
{% endfor %}
{% endif %}
{% endfor %}


#==============================================================#
# Extra HBA
#==============================================================#
# add extra hba rules here

{% for hba in pgbouncer_hba_rules_extra %}
{% if hba.role == 'common' %}
#  {% if 'title' in hba %}{{ hba.title }}{% endif %}

{% for rule in hba.rules %}
{{ rule }}
{% endfor %}

{% endif %}
{% endfor %}

{% for hba in pgbouncer_hba_rules_extra %}
{% if hba.role == pg_role %}
#  {% if 'title' in hba %}{{ hba.title }}{% endif %}

{% for rule in hba.rules %}
{{ rule }}
{% endfor %}
{% endif %}
{% endfor %}


#==============================================================#
# Ad Hoc HBA
#==============================================================#
# manual maintained hba rules
